Hi all,
We have a FortiGate 81f running FortiOS 7.0.5.
We have Application Control running that blocks proxy and vpn, which we want.
We do however have one internal device (static IP) that we need to connect via vpn to an external ip. We also have another internal device that requires connection to an external proxy.
What is the best way to allow an internal ip to use vpn or proxy to contact an external ip? Custom IPS signature?
thanks
jc
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Team,
The best way is to create one more application control and create one firewall policy on top for these two users and keep the firewall policy on top.
This should be fine.
Hi Team,
The best way is to create one more application control and create one firewall policy on top for these two users and keep the firewall policy on top.
This should be fine.
Thanks.
So to clarify, will creating one firewall policy for both allow me to specify that only internal IP aaa.aaa.aaa.aaa can use OpenVPN to connect to external IP bbb.bbb.bbb.bbb and that only internal IP yyy.yyy.yyy.yyy can connect to proxy zzz.zzz.zzz.zzz?
I don't want to allow IP yyy.yyy.yyy.yyy to be able to use OpenVPN for instance.
thanks
Hi seshuganesh,
Soryy, forgot I asked this. I have set up the firewall rule as suggested and all good!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1546 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.